Continuous improvement of system and network event visibility. With extensive knowledge and experience with IP networking, DNS, packet captures, and Windows and Linux administration, this role will still be required to be hands-on to ensure the correlation between system and network security validation. Information Security Engineers may also be called on to assist with operations as needed. The duties require the consistent exercise of independent judgment and discretion with limited, if any, supervision regarding technical issues requiring advanced knowledge.
Key Responsibilities & Duties:
Establishing testing protocols to identify and document potential security vulnerabilities of IT systems
Collaborate in designing, testing and documenting security programs and scripts (Snort rules, Splunk scripts and templates, etc.) to monitor and analyze network traffic
Test, configure and modify commercial information security solutions
Deploy, maintain and troubleshoot firewalls, network and host IDS and VPN appliances
Establish protocols for and conduct security vulnerability assessments of ICANN enterprise systems
Collaborate in the documentation of information security policies and the creation of security specifications and procedures
Respond to security events and incidents. Collect, analyze and archive electronic and written records, digital media, notes and other evidence. Document the analysis of results and assist in providing security advisories for all users. Identify ways ICANN can learn from security events and avoid repeat events
Lead projects to identify security issues proactively through analysis of network traffic, software and hardware testing, log review and consultation with users
Conduct forensic examinations of digital records, logs and other data
Guidance and oversight of various corporate security systems, such as MobileIron MDM, Lenel OnGuard Access Control console, DigiCert S/MIME certificates, and others as needed
Work with IT End User Support staff to analyze security-related events to assist with escalation decisions
Oversee and coordinate security patching on ICANN production systems
Coordinate with vendors and external security teams to address security issues on SaaS systems
Other duties as assigned or requested
Required Knowledge, Skills, and Abilities (KSAs):
Subject Matter Expert in the following areas: Authentication; Cryptography; Authorization; Network Security; Application Security; Attack / Defense Techniques
Familiarity with use of Unix and Windows operating systems
Written and verbal communication skills for clear reporting
Knowledge of common vulnerabilities / OWASP Top 10 – Cross Site Scripting, Cross Site Request Forgery, SQL Injection, etc.
Scripting skills such as: shell scripting, Python, Perl, or Ruby
Bachelor's Degree required; study in Computer Science, Information Technology or a related field desired
Minimum two (2) years of experience or equivalent
Experience with Puppet, Snort, etc.
Hands-on experience with risk assessment, vulnerability scanning, penetration testing, application firewalls, NAC, SIEM, IDS/IPS, and VPN
Fluency, both written and spoken, in English, is required
ICANN is a global organization that values diversity; preference will be given to candidates with demonstrated skills in additional languages besides English
Work is performed in a normal office environment with limited privacy and some exposure to background noise
While performing the duties of this job, the employee is frequently required to stand and walk. The employee regularly is required to sit. The employee is frequently required to talk or hear; use hands and arms to reach, handle or feel. Specific vision abilities required by this job include close vision, color vision, and ability to adjust focus.
The employee may occasionally lift and/or move up to 25 pounds